leanspec-sdd
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'lean-spec' CLI for project management, including commands for viewing the project board, searching specs, and updating metadata. It includes a helper script 'scripts/validate-spec.sh' that executes the CLI via 'node' or 'npx'.
- [COMMAND_EXECUTION]: The workflow documentation includes instructions for using 'git worktree' commands to handle parallel feature development in isolated directories.
- [EXTERNAL_DOWNLOADS]: The skill references installation via the 'lean-spec' tool and 'npm'. As these resources (e.g., 'codervisor/forge') are provided by the skill's author or official registries, they are documented as standard configuration steps.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
- Ingestion points: The agent reads data from the 'specs/' directory via 'view' and 'search' commands.
- Boundary markers: No specific delimiters or 'ignore' instructions are provided for interpolated specification content.
- Capability inventory: The agent has access to 'lean-spec' CLI commands, 'git' commands, and local shell script execution.
- Sanitization: No explicit sanitization of specification file content is defined within the skill.
- Mitigation: The skill includes a 'Verify Against Reality' principle, directing the agent to validate status against the actual codebase and git history rather than relying solely on spec content.
Audit Metadata